Cisco Cisco Email Security Appliance X1050 Troubleshooting Guide
Filter Emails with Empty Message Bodies on the
Email Security Appliance
Email Security Appliance
Document ID: 119005
Contributed by Julius Ang, Cisco TAC Engineer.
Jun 09, 2015
Contents
Introduction
Problem
Solution
Problem
Solution
Introduction
This document describes how to filter messages with a blank message body on the Cisco Email Security
Appliance (ESA).
Appliance (ESA).
Problem
You receive spam emails from a legitimate mail domain, but the body of the message is empty.
Solution
Some spammers use legitimate mail domains, such as gmail.com, and send spam emails with an empty
message body.
message body.
In order to resolve this issue, you can create a Message Filter that drops this type of email.
Tip: You can also change the sender domain, if necessary.
Enter the filters > new CLI command, as shown in the next example, and implement the only−body−contains
rule along with any rules that are appropriate to your environment. This example includes rules for the
receiving listener and the mail−from command:
rule along with any rules that are appropriate to your environment. This example includes rules for the
receiving listener and the mail−from command:
C370.lab (SERVICE)> filters
Choose the operation you want to perform:
− NEW − Create a new filter.
− DELETE − Remove a filter.
− IMPORT − Import a filter script from a file.
− EXPORT − Export filters to a file
− MOVE − Move a filter to a different position.
− SET − Set a filter attribute.
− LIST − List the filters.
− DETAIL − Get detailed information on the filters.
− LOGCONFIG − Configure log subscriptions used by filters.
− ROLLOVERNOW − Roll over a filter log file.
[]> new